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LOTTERY TICKET SECURITY METHOD 

10 

Field of the Invention 

The invention relates to lottery ticket manufacturing methods and in particular to 
secure methods for manufacturing lottery tickets particularly instant tickets having play 
1 5 indicia indicating whether or not the ticket is a prize winner imaged on the tickets. 

Background of the Invention 

In most instant lottery ticket games, a set of tickets is imaged with play or prize value 
indicia under a scratch-off coating according to a predetermined prize structure. Typically, 

20 the prize structure consists of one or more large value prizes, a number of lesser value prizes 
and a large number of tickets that are not prize winners. The prize values in a game are 
distributed randomly on the tickets so that, in theory, each player has an equal chance to win 
one of the prizes. In the United States, lottery ticket manufacturers or vendors typically 
produce lottery games that are divided up into pools where each pool has a prize structure. 

25 Each pool is then divided into a number of packs where each pack contains a preset number 
of lottery tickets. For example, a game might have several million tickets where each pool 
contains 240,000 tickets and each pool contains 800 books of 300 tickets. However, games 
can be organized in different ways and can, for example, consist of a set of packs not grouped 
into pools. Usually each individual pack of tickets, also termed books, is packaged by the 

30 vendor for delivery to the lottery administration or lottery sales agents. 

The term "image" is a term that is commonly used by lottery ticket manufactures or 
ticket vendors to indicate a system whereby variable indicia including ticket symbols such as 
play indicia and validation numbers are transferred onto the instant ticket as opposed to, for 
example, display printing which is the typical method of applying a common graphic to all 

35 the tickets in a game. Although these symbols are not technically printed on the ticket, it is 
common to use the terms imaged and printed interchangeably. The invention as described 
below is independent of whether symbols are imaged or printed. 

As part of the manufacturing process, the vendor images ticket identification data 
which can include the game number, pack number and ticket number on each lottery ticket 
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5 along with other information that includes a validation number and a bar code. The barcode 
typically represents both the inventory information and validation number and is generally 
imaged on the ticket back. The data on each ticket, including the ticket identification data, 
the play indicia, the barcode, is typically generated by computer programs and inkjet imaged 
on each ticket. All of this data including the game play data, the ticket identification data and 

10 the validation number is imaged on the ticket and is subsequently covered by a scratch-off 
coating. The lottery tickets are then sent to a state lottery administration for sale. For these 
types of lottery tickets, one function of the validation number is to reduce fraudulent 
redemptions where the ticket has been altered. The validation number is usually an encrypted 
number that serves to uniquely identify the lottery ticket and therefore the play data on that 

15 particular ticket so that the lottery administration can determine if, in fact, the ticket is a 
winner when it is redeemed by a player. 

This method has been termed a 'single pass security' process where there is a defined 
relationship between the ticket identification data and the validation number imaged on each 
lottery ticket. This relationship may algorithmic. Or this relationship may be a file or a set of 

20 files that relate the ticket identification data to the validation number. In 'single pass 

security', there is a definite method to determine the ticket's value based on either (1) the 
ticket identification data or (2) the validation number. For example, one could use the ticket 
identification data as an input to a computer program or algorithm to determine the ticket's 
value. One could also use the ticket's validation number as input to determine the ticket's 

25 value. 

In order to improve security, a manufacturing technique termed 'dual security' was 
developed to eliminate the relationship between the ticket identification data and the 
validation number. In this method, the ticket identification data imaged on the ticket, 
specifically the pack number, cannot be used to determine the ticket's value; however, the 
30 validation number could still be used to determine the ticket's value. Lottery tickets printed 
using this technique have a pack number imaged on the tickets that is different than the pack 
number originally assigned by the game generation program used in the lottery ticket 
programming process. This security process was designed to irreversibly break the 
relationship between the pack number and the validation number imaged on the ticket. Thus, 
35 knowledge of the game generation program or its results can not be used illicitly by someone 
having access to this information to select winning lottery tickets before they are sold. 

One approach to dual security is to employ a shuffling routine, using a shuffle key, for 
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5 example, as an input variable, to independently shuffle the pack numbers in a pool after they 
are computer generated by the lottery ticket programming process. The result is a set of pack 
numbers imaged on the tickets that are unknown to those having access to the game 
generation program. In this approach, the shuffle keys are not recorded or maintained by the 
vendor's programming staff and as a result, the dual security is essentially irreversible. 

10 Furthermore, the possibility of anyone on either the vendor's or the lottery administration's 
staff of being able to illicitly identify winning lottery tickets by using the pack and ticket 
number imaged on the tickets is substantially reduced. 

However, dual security has significant disadvantages in that the process does not 
permit the vendor to provide reports or services that rely on the pack number as the key to the 

1 5 value of the pack. For example, it does not allow the vendor to reconstruct listings of tickets 
from the imaged pack number in order to adjust for manufacturing variances. Nor does it 
allow the vendor to provide reports of the aggregate value of the shipment of tickets to the 
Lottery. In both cases, neither the vendor and specifically the vendor's programming system 
nor the lottery administration has a method to determine the value of a set of tickets based on 

20 the imaged pack number. 

Summary of the Invention 

It is therefore an object of the invention to provide a method of manufacturing lottery 
tickets that provides the security of a dual security type process where ticket identification 
25 information imaged on the ticket is severed from ticket value information while at the same 
time also providing the capability to reconstruct, under certain limited circumstances, ticket 
information from the identification information imaged on the ticket. 

It is also an object of the invention to provide a method of manufacturing lottery 
tickets that provides the security of the dual security process while at the same time also 
30 provides the capability for the vendor and the lottery administration to reconstruct ticket 
information from the imaged pack number on the ticket under certain limited circumstances. 

A further object of the invention to provide a method of manufacturing instant lottery 
tickets where ticket identification data such as pack numbers imaged on the tickets are 
shuffled as in a dual security method, but where the mechanism for shuffling this information 
35 can be reversed under certain specified circumstances. 

An additional object of the invention is to provide a dual security type method for 
manufacturing lottery tickets where pack numbers are shuffled in each pool or in each game 



5 before the tickets are printed according to a shuffling algorithm and where the shuffle seeds 
used in the shuffle algorithm are maintained in an encrypted file or files. A decryption key 
for the encrypted shuffle seed file can be used by the vendor or the lottery administration or 
an independent trusted third party to unshuffle the dual security pack numbers and thus 
transform the imaged pack numbers into the game generation pack numbers known by the 

10 game programming computer system. This allows for the reconstruction of game play indicia 
for game adjustment purposes and manufacturing adjustments by pack number. To enhance 
security, an independent third party can be used to administer the management of the 
encryption/decryption keys during the manufacturing process for the vendor. During life of 
the instant ticket game, the third party may also provide additional security services to the 

1 5 state lottery administration related to the invention. 

Still another object of the invention is to provide the necessary computer hardware 
and algorithms to the state lottery administration that will allow the lottery to obtain from the 
vendor a reconstruction of the game play data via the imaged pack number. For example, the 
lottery administration can input the shuffled pack number imaged on the ticket to a computer 

20 algorithm, which in turn, decrypts the shuffled pack number such that the vendor can 
reconstruct the unshuffled pack number. In this manner, the vendor is then capable of 
providing to the lottery a reconstruction of the game data based on the imaged pack number 
as administered, for example, by a lottery administration security department. 

A further object of the invention is to define two independent numeric domains used 

25 to identify pack numbers. One domain, the PI domain, is the set of unshuffled pack numbers 
generated and known by the computer programs used in the generation of game data. The 
second domain, P2, is the set of shuffled pack numbers imaged on the tickets during the 
manufacturing process. 

Yet another object of the invention is to define and provide for the manufacture of 

30 lottery tickets a system of computer hardware and software that is capable of securely 

defining the relationship between the two independent numeric domains, PI and P2, such that 
this relationship remains an unknowable secret and that any attempt to breach this 
relationship is detectable. 

A further object of the invention is to define and provide for the manufacture of 

35 lottery tickets a system of computer hardware and software that is capable of securely 

translating packs from the PI domain into packs from the P2 domain and vice versa. Game 
programming personnel can perform their work on the internal PI domain, and a secure 



5 computer transforms any outgoing data into the external P2 domain such that game 

programming personnel are (1) unaware of the relationship between the two domains and (2) 
unaware that the pack is transformed into the P2 domain. 

It is also an object of the invention is to define and provide for the manufacture of 
lottery tickets a system of internal audit procedures that documents and monitors the 
10 translation between the PI and P2 domains such that any unauthorized translation is 
detectable before a lottery game is set for sale. 

Another object of the invention is to define and provide for the manufacture of lottery 
tickets a system of external audit procedures performed by a "Trusted Third Party" that 
further documents and monitors the translation between the P 1 and P2 domains such that any 
1 5 unauthorized translation is detectable before a lottery game is set for sale. 

Another object of the invention is to define and provide for the manufacture of lottery 
tickets a system of procedures performed by a "Trusted Third Party" during the full lifecycle 
of an instant ticket game such that their services enhance the security of the instant game. 

20 

Brief Description of the Drawings 

Fig. 1 is a front plan view of an instant lottery ticket; 

Fig. 2 is a block diagram of a the relationship between an instant ticket vendor, a 
lottery administration and a Trusted Third Party according to the invention; 
25 Fig. 3 is a block diagram of a lottery ticket manufacturing system according to the 

invention; and 

Figs. 4A and 4B provide a logic flow diagram of a method of manufacturing lottery 
tickets according to the invention. 

30 Detailed Description of the Invention 

Fig. 1 is a simplified representation of a conventional instant lottery ticket 10 that 
includes an imaged identification 12 of the ticket 10 and a scratch-off material 14 covering a 
set of play indicia (not shown). Also, imaged on the lottery ticket 10 is a validation number, 
indicated at 16 by the term VIRN, which can be imaged on the lottery ticket 10 in either or 

35 both alphanumeric or bar code form and in some cases covered by a scratch-off coating. The 
validation number 16 can be imaged as a barcode on the back of the lottery ticket 10 as well. 
In conventional instant lottery games, the tickets 10 are imaged with play indicia under the 
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5 scratch-off coating 14 that indicate the prize value of the lottery ticket 10. It should be 
understood that there are a wide variety of lottery tickets including probability tickets and 
instant lottery tickets with variable prizes along with tickets of various types of construction 
and that the lottery ticket 10 of Fig. 1 is only shown to provide a context for a method of 
secure manufacture according to the invention. 

10 With reference to Figs. 2 and 3, operation of the preferred embodiment of the 

invention for the secure method of manufacturing lottery tickets such as the instant lottery 
ticket 10 will be described. It should be understood however that the invention can equally 
apply to methods of manufacturing lottery tickets other than that described in connection with 
Fig. 2 where, for example, a game structure does not include a pool, pack, ticket number 

1 5 combination or where data is applied to a lottery ticket by methods other than imaging or 
printing. Here, Fig. 2 is a block diagram 1 8 depicting a method of manufacturing lottery 
tickets such as the ticket 10 for a typical state-administered lottery system according to the 
invention. Included in the block diagram 18 are a block 20 representing a vendor or ticket 
manufacturer, a block 22 representing a lottery administration and a block 24 representing an 

20 independent third party. It is typical practice in the United States lottery industry for a ticket 
vendor such as the vendor 20 to provide the lottery administration 22 with one or more sets of 
tickets 10 where each set is defined as a game. Each game will normally have a structure 
with a predetermined number of winning tickets and a predetermined number of losing 
tickets. In some cases, games are divided into pools where each pool has its own prize 

25 structure, that is, a predetermined number of winning tickets having predetermined 

redemption values. Each pool is then divided into a number of packs, also termed books, 
which in turn contain a predetermined number of tickets. For example, a game might have 12 
million of the tickets 10 divided up into 50 pools where each pool contains 800 packs of 300 
the tickets 10. Note, however, it is not integral to the invention that the game be subdivided 

30 into pools. An instant ticket game could simply be a subdivision of packs, without being 
further subdivided into pools. 

The first step in the process of manufacturing a game, after the game has been 
designed, is for the vendor 20 to run a game generation program indicated by a block 26. The 
output of the generation program 26 is a ticket data file 28 that contains a record for each 

35 ticket where the records are organized by pool, pack number and ticket number. An example 
of a portion of such a file is provided below: 
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G P_ T VIRN BARCODE PLAY DATA 

217 - 00800 - 000 - 372250687988 - 2170080000037225068798 - 5XX2L1TDL 
217-00800 -001 -367229412701 - 2170080000136722941219 - XTL2DDT5Z 



217 - 00800 - 010 - 266754724227 - 2170080001026675472422 - D2T2DT5LX 

10 

Where G - Game number, P =pack number; T = Ticket Number, VIRN - validation number, 
BARCODE = barcode; and PLAY DATA = the "game data" that defines the play value of 
the lottery ticket. In this illustration of the invention, a pool is a logical subdivision of a 
game, and it is not integral to the invention. A game can also simply be composed of a single 

1 5 set of packs. The ticket data file 28 is then formatted as indicated at 30 per the specifications 
of an inkjet imaging system 32 such as, a Scitex 3600 imaging system operated by the vendor 
20. It is also audited as indicated at 34, and a resulting ticket image file 36 is then audited, as 
indicated at 38, and used by the vendor 20 to image the information onto the lottery tickets 10 
at 32. The information imaged on the tickets 10 includes the ticket identification data 12, the 

20 VIRN number 1 6 along with the play indicia. The VIRN number 1 6 and play indicia are 
typically covered by the scratch-off coating 14. Also, the BARCODE data can be used to 
print a bar code that contains the ticket identification data on the back of the ticket 10. 

In the single-pass security method as described above, the lottery tickets 10 are 
imaged with the exact same information that is contained in the ticket data file 28 including 

25 the pack number, ticket number and validation data. Therefore in single-pass security, the 
pack numbers in the ticket data file 28 represent the same ticket data, that is the play indicia, 
the validation number, and the barcode, as the pack numbers in the ticket image file 36. In 
practice this results in the fact that the imaged pack numbers on the physical ticket packs set 
for delivery to the lottery 22 are the exact pack numbers found in the ticket data file 28. This 

30 relationship would allow one with access to the ticket data file 28 to know all variable game 
data, including winner information, found within a delivered, unscratched book of tickets by 
searching for corresponding pack number within the ticket data file 28. For example, if the 
lottery tickets 10 in a pack x had value y in the ticket data file 28, then by using the single- 
pass security method, the lottery tickets 10 in the pack x would have the same value y in the 

35 distributed tickets . 

In the dual security method, however, a shuffle algorithm as represented in a block 
40is used by the vendor 20 as indicated by a block 36 to shuffle the pack numbers such that 



5 the pack numbers in the ticket data file are irreversibly shuffled at 40 before they are written 
to the ticket image file 36. By doing this shuffle, any existing link between the ticket 
identification 12 and the VIRN numbers 16 imaged on the tickets 10 is broken. Any attempt 
to use the ticket data file 28 to determine the value of the lottery tickets in any one of the 
delivered packs would be essentially fruitless. For example, if the tickets 10 in the pack x had 

1 0 the value y in the ticket data file 28, then by definition of dual-security, the pack x would be 
very unlikely to have the value y in the distributed tickets 10. In the case of a pool with 800 
packs, the odds of the distributed pack x having the valuer would be approximately 800 to 1 . 

One of the top level risks addressed by the dual security method is collusion between 
game programming and game distribution. Specifically, one with illicit access to a game 

1 5 generation file generated at 26 could pass information to one with illicit access to a pack 

distribution file. The former typically has information regarding the value of a pack; and the 
latter has information regarding the location of the pack. 

As discussed above, the primary mechanism of addressing the risk of collusion is to 
irreversibly shuffle the pack identifier such that a pack number in the game generation file or 

20 in the ticket data file 28 is not guaranteed to equal a pack number in the distributed tickets 10. 
Therefore, even the illicit passing of the pack information from a game generation 
organization such as the vendor 20 to a game distribution organization such as the lottery 
administration 22 does not provide the location of winning packs that have been distributed 
by either of the organizations. 

25 Conventional dual security methods implement a one-way shuffle between the pack 

identifiers and the effectiveness of dual security is based on the principle that once a pack has 
been generated, shuffled and imaged, it can never be unshuffled. 

In practice, a shuffle algorithm is used to shuffle the pack identifiers after the game 
data is generated and before the tickets are imaged. It is typical for shuffle algorithms to 

30 accept as input a seed, which in turn, mathematically governs the shuffle algorithm and thus 
results in a shuffle that is unpredictable. Typically, the seed is discarded after use which 
makes it virtually impossible to reverse the shuffle. As a result, no one, including the 
programming staff of the vendor 20 nor the lottery administration 22 can use the ticket data 
file 28 generated by the generation program 26 to determine which of the printed lottery 

35 tickets 10 are winners. 

Again, not being able to reverse the shuffle has several significant disadvantages. 
Because the vendor's programming department has no ability to assess the value of the pack 



5 by using the pack number in the ticket data file 28, the vendor 20 can not provide reports 
detailing the exact value of a particular shipment of the tickets 10. The same limitation 
prevents the vendor 20 from adjusting the prize fund due to manufacturing production 
variances. Finally, the lottery administration 22 cannot request a reconstruction based on the 
pack number imaged on the pack of tickets. 

10 In the method of the invention, however, a process is provided for establishing a 

secure, reversible link between the game generation ticket data file 28 and the ticket image 
file 36. More generally, the invention involves the provision of a link in a dual security 
environment that permits ticket value information to be reestablished with ticket 
identification information 12 imaged on the lottery ticket 10. For convenience of description, 

1 5 the method of the invention in the context of the system described above will be referred to as 
a keyed dual security method or KDS. This description of the KDS will include examples of 
a number of the computer programs and procedures necessary to address the issue of 
collusion that exists when tickets are produced using the single pass method and also, under 
certain controlled circumstances, overcome the inflexibility found in dual security method. 

20 In this description of the preferred embodiment of the invention, KDS defines two 

disjoint sets of pack identifiers: one set in the game generation domain, which is called the PI 
domain; and one set used in the distribution domain, which is called the P2 domain. The 
definition of these disjoint domains is the primary mechanism of addressing the risk of 
collusion: a pack number in the PI domain is not guaranteed to equal a pack number in the P2 

25 domain. For example, if the pack x had a value y in the ticket data file, then by the 

definitions used in this description of the invention, the pack x would not be guaranteed to 
have the value y in the distributed tickets. Therefore, because the packs are shuffled into the 
P2 domain after game generation, the illicit passing of pack information from game 
generation to game distribution does not guarantee that winning packs can be located. 

30 Furthermore, in this embodiment of the invention, the ticket manufacturer 20, under a set of 
controlled circumstances, can unshuffle the packs from the P2 domain back into the PI 
domain to allow for the creation of files and reports that depend on information from the P2 
domain. 

Another feature of the preferred embodiment of the invention involves the use of an 
35 independent oversight role performed by the Trusted Third Party 24. The Trusted Third Party 
24 can, in practice, be an independent firm or the security department of the lottery 
administration 22 or the security department of the vendor 20. During the production of each 



5 instant ticket game, the Trusted Third Party 24 will preferably oversee the ticket 

manufacturing process 32 as it relates to the invention and reports its findings to the lottery 
administration 22. A number of these oversight functions are shown in Fig. 2 at 24 and can 
include such functions as the inspection of any KDS log files 42 and audits of the various 
computer systems as they relate to the invention to ensure that no physical access has 
1 0 occurred. 

The preferred embodiment of the invention would also utilize a KDS Certification 
process. Preferably, the Trusted Third Party 24 would certify that the system architecture and 
software is developed in accordance with the objectives of the invention. The results of the 
certification process will preferably be in the public domain as a KDS Certification letter and 

1 5 will be available to the lottery administration 22. 

Moreover, one of the preferred roles of the Trusted Third Party as shown in block 24 
can include the additional duties of creating a set of public/private key pairs used to encrypt 
and decrypt the KDS shuffle seeds. The Trusted Third Party 24 can preferably distribute the 
key pairs to the vendor 20 and the lottery administration 22. Additionally, the Trusted Third 

20 Party 24 would maintain a copy of the key pairs. In the preferred embodiment, the Trusted 
Third Party 24 would also ensure that the KDS Shuffle seeds had been physically and 
logically deleted from a KDS Translation server 44. 

Therefore in general, in the preferred embodiment, the Trusted Third Party 24 would 
ensure that the rules established and agreed upon by the lottery administration 22 and the 

25 vendor 20 regarding the KDS method of ticket manufacturing are conformed to by both 
parties. 

Additionally included in the preferred embodiment of the invention is a secure system 
that is designed with the capability of transforming packs from the PI domain into the P2 
domain and vice versa. For convenience of description, the computer systems indicated at 44 

30 that securely shuffle and unshuffle pack identification data is termed the KDS Translation 
Server. In this embodiment, all pack information delivered from a game programming 
department 26 in the vendor 20 is shuffled into the P2 domain by the KDS Translation Server 
44; and all pack information delivered to the game programming department 26 is unshuffled 
into the PI domain by the KDS Translation Server 44 as depicted in Fig. 3. In this 

35 arrangement, the KDS Translation Server 44 serves as a gateway for all data traffic between 
the game programming department 26 and the manufacturing department 32. In this manner, 
all of the programs used by the game programming department 26 process only pack numbers 
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5 from the PI domain and have no knowledge of the P2 pack domain. Similarly, all printed 

tickets, shipment reports, validation files, and shipment files do not contain any knowledge of 
the PI domain. Preferably, the translation between the domains is handled solely by the KDS 
Translation Server 44 such that the only intersection of the domains is controlled by the 
architecture and procedures that define the KDS Translation Server. 
1 0 The systems that support the P 1 -P2 linkage form the basis for the security of the 

invention, which is founded on the principle that the linkage between the PI and the P2 
domains should remain a protected secret. In order for this secrecy to be maintained, it is 
critical that all functional elements that require knowledge of the P1-P2 linkage are executed 
within a secure environment that cannot be breached in a manner that is undetectable. 

1 5 Generally, it is preferred that any processing that requires knowledge of the P 1 -P2 

mapping will be performed within a system that is designed to protect this linkage. This 
includes a system that is physically isolated in a secure location. For example, it is preferable 
that the KDS Translation Server 44 be in a physically sealed environment, where one or more 
physical keys are required to gain access. To further increase security, it is also desirable that 

20 all such accesses to the physical keys be logged and require explicit authorization from 
specifically appointed personnel. 

In another feature of the invention, the KDS Translation Server 44 is also logically 
isolated by its operating system's access control features. In one example, only two 
individuals would have system access to the KDS Translation Server44: a system 

25 administrator from the instant ticket vendor 20 and an appointed analyst from the Trusted 
Third Party 24. This form of access to the machine 44 can be reserved for system 
administration and system audit. To further increase security, any other detected access to the 
KDS machine 44 results in the machine shutting down and all sensitive data destroyed. 
Startup of the machine 44 following any physical access could be considered a disaster 

30 recovery situation and require involvement by multiple individuals from both the vendor 20 
and the Trusted Third Party 24. 

It is also considered preferable that the KDS Translation Server 44 be further logically 
isolated by a firewall's access control system. This ensures that only certain users from 
specific ports and specific IP addresses have access to the systems that themselves access the 

35 KDS Translation Server 44. 

Further, it is considered desirable that the KDS Translation Server 44 be logically 
isolated by other application software. This further ensures that only certain users from 



5 specific ports and specific IP addresses have access to the systems that themselves are able to 
access the KDS Translation Server 44. 

Additionally, it is desirable that a comprehensive system of logging such as the file 42 
be used to ensure that all access to the system 44 can be reviewed by an independent party, 
such as the Trusted Third Party 24 or the security department of the lottery administration 22 

10 or a security department of the vendor 20 before the game is set for sale. The logs 42 can 
preferably beprotected by a method known as "Hash Chaining" which prevents any 
tampering with or additions to or subtractions from the log 42. 

In one aspect of the preferred embodiment of the invention, the KDS Translation 
Server 44 uses a KDS private key, a KDS shuffle algorithm, and a set of encrypted KDS 

1 5 seeds to shuffle and unshuffle packs between the PI and the P2 domains. Each item has a 
role in this embodiment and is preferably present within the KDS Translation Server 44 in 
order translate between the two domains. 

The KDS private key is preferably generated by the Trusted Third Party and is loaded 
on the KDS Translation Server. An associated KDS public key is delivered to the lottery 

20 administration 22 by the Trusted Third Party 24. The KDS shuffle seeds are then generated 
by the lottery security administration as needed for each game, encrypted with the public key 
and electronically delivered to the instant ticket vendor 20, specifically to the KDS 
Translation Server 44. 

Another significant feature of the invention relates to the activation and deactivation 

25 of the KDS shuffle seeds. In the preferred embodiment, for example, during the ticket 

manufacturing process, the encrypted KDS shuffle seeds can be logically activated on the 
KDS Translation Server 44 and then decrypted. Here, the KDS shuffle algorithm, using the 
KDS shuffle seed for that game, translates the game's pack identifiers to and from the PI and 
P2 domains as shown in Figure 2. Once the instant ticket game is shipped to the customer, 

30 the KDS Shuffle seeds are deactivated and deleted. Deactivation ensures that the KDS 
shuffle seeds are logically revoked and cannot be used by the KDS Translation Server 44 
even if they remain on the system. It should be noted that this activation and deactivation 
process can be used in other embodiments of the invention where for example a portion or all 
of the shuffle process can be activated and deactivated. 

35 It should also be noted that once the KDS shuffle seeds are deactivated and also 

deleted, the instant ticket vendor 22 will generally not be able to translate packs between the 
domains. As a result, the instant ticket vendor 22 will not have a means to process 
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meaningful pack value information based on the pack identifier. 

A further feature of the invention is the provision that all KDS Translation Server 44 
activity for each instant ticket game is logged to a secure log server. In practice, this can help 
ensure that there is a clear record of all shuffle/unshuffle activity. For example, a simplified 
log file stored in file 42 for example for a typical game can contain the following records: 

KDS shuffle seeds distributed and activated. 

KDS shuffle seed decrypted using KDS Private Key. 

KDS Translation Server shuffled PI packs into P2 domain. 

KDS Translation Server unshuffled P2 packs in to a shipfile 

KDS Translation Server shuffled PI packs in to a validation file. 

KDS shuffle seeds deleted and deactivated. 
In the preferred embodiment of the invention, the software for the KDS Translation 
Server 44 will force all transactions to be logged. During the KDS Certification process, the 
Trusted Third Party 24 will verify that the software will, in fact, securely log all transactions. 
Furthermore, the Trusted Third Party 24 will review each KDS Translation Server log 42 for 
each game and to identify any breach of security before the game is set for sale. 

In the invention as described above, the purpose of the KDS Shuffle algorithm is to 
shuffle game generation (PI) packs into distribution (P2) packs and vice versa in a secure and 
consistent manner. The KDS shuffle algorithm uses the decrypted KDS shuffle seeds to 
govern the distribution of the shuffle such that if KDS Shuffle seed x and unshuffled-pack-set 
y are input, then the resulting shuffle set is consistently shuffled-pack-set z. Conversely, if 
KDS shuffle seed x and shuffled-pack-set z are input, the results are consistently unshuffled- 
pack-set y. 

In other words, the KDS shuffle algorithm used in conjunction with the KDS shuffle seeds 
can consistently translate from the PI domain into the P2 domain and vice versa. 

The ability to securely and consistently shuffle and unshuffle the pack identifier 
allows the instant ticket vendor to manufacture tickets in an environment that permits the 
completion of certain agreed-upon single-pass-security services; and at the same time, it 
allow the instant ticket vendor to deliver instant tickets to the Lottery administration that 
exhibit the security restrictions of dual security. Furthermore, the independent role of the 
Trusted Third Party during the manufacturing process limits the instant ticket vendor's 
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single-pass freedom; and the role of the Trusted Third Party during the life of the game 
enhances the dual-security restrictions. 

The process flow charts of Figs. 4A and 4B provide a detailed description of the 
preferred method of operating the invention as described above. 

It should be noted that the invention has been described in terms of the preferred 
embodiment and it is not intended to limit the invention to any particular type of lottery 
ticket, encryption system, hardware configuration or communication system in addition to the 
general lottery ticket manufacturing process described. Other implementations of the 
concepts described above are possible. For example, this secure manufacturing method could 
be used with other types of lottery tickets such as pull tab tickets or even some types of 
electronically transmitted tickets. Also, various types of encryption/decryption techniques 
can be used in addition to the public key technique described. Implementation in various 
types of hardware and hardware configurations besides the KDS Translation Server 44 is 
possible as well such as a system of distributed special purpose computers. 
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